Add Device user and authentication api for BB10
Opened this issue · 9 comments
@kwallis
The current cut of the API allows you to get some basic user info and authorization tokens for that particular user.
I did a quick search and there really is nothing in phonegap that is similar. I did find this one W3C reference...i'm not sure how closely these align.
http://www.w3.org/2011/identity-ws/papers/idbrowser2011_submission_20.pdf
Its worth looking at SCIM, http://tools.ietf.org/html/draft-ietf-scim-api-00, a REST API for CRUD operations on a cloud identity system.
Also http://www.w3.org/wiki/WebID is something worth looking at but I do not know what traction its getting in the industry, but some of the ideas are sound.
Hmmmm, having trouble seeing anything in either of these that would map to an application API that leverages our identity service...
Ken Wallis
Product Manager – BlackBerry WebWorks
Research In Motion
(905) 629-4746 x14369
From: brmcbride [notifications@github.com]
Sent: Wednesday, August 29, 2012 1:37 PM
To: blackberry/WebWorks-API-Docs
Cc: Ken Wallis
Subject: Re: [WebWorks-API-Docs] Add Device user and authentication api for BB10 (#349)
Its worth looking at SCIM, http://tools.ietf.org/html/draft-ietf-scim-api-00, a REST API for CRUD operations on a cloud identity system.
Also http://www.w3.org/wiki/WebID is something worth looking at but I do not know what traction its getting in the industry, but some of the ideas are sound.
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/349#issuecomment-8134077.
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
More going into the bb.identity namespace:
blackberry-webworks#178
IMEI and device name being added.
Ken, shouldn't those be going under bb.device : http://docs.phonegap.com/en/1.0.0/phonegap_device_device.md.html
That would keep identity free of BB10 stuff if we want to use it for this.
name should be, yes. IMEI and IMSI don't have equivalent's in phonegap. They were in previous versions of WebWorks under identity, so for consistency they should remain there.
I think we will need to think of something else for BBID.
Ken Wallis
Product Manager – BlackBerry WebWorks
Research In Motion
(905) 629-4746 x14369
From: Chris DelCol (RIM) [notifications@github.com]
Sent: Wednesday, August 29, 2012 2:35 PM
To: blackberry/WebWorks-API-Docs
Cc: Ken Wallis
Subject: Re: [WebWorks-API-Docs] Add Device user and authentication api for BB10 (#349)
More going into the bb.identity namespace:
blackberry-webworks#178
IMEI and device name being added.
Ken, shouldn't those be going under bb.device : http://docs.phonegap.com/en/1.0.0/phonegap_device_device.md.html
That would keep identity free of BB10 stuff if we want to use it for this.
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/349#issuecomment-8136181.
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
I read through the refs from @brmcbride and agree that there is not much there. they are more about the process for handling similar things, not a client api per-se. So likely we'll have to roll our own.
bb.user.xxx?
That would give us:
bb.user.name (looks just like cordova device structure)
bb.user.authenticate (x,y) (or whatever, just throwing it out there.)
Another possibility is that we split:
bb.identity.name (identity serves h/w and user properties)
bb.authenticate.register (service object)
bb.authenticate.getToken (x, callback())
bb.authenticate.clearToken (x)
Something like that? Why is user tied to authentication? if you need to pass bb.identity.id into bb.authenticate then it makes more sense to put them in the same namespace. Is it just historic reasons that they are together? or are they fundamentally tied together?
This goes back to the underlying IDP. Some will be silent and not require authentication. For BBID itself, the user is derived from the authentication. I.e. there is no bb.identity.id unless bb.authenticate took place.
The other aspect to consider is that the authenticate, for the moment at least, is in the realm of the IDP plug in that is actually going to be used for the operation. Again, going back to BBID, it's the actual service that will handle the auth process, either live or silent.
I personally prefer the bb.identity.user or bb.user.identity namespace model.
Has there been a decision on what our namespace will be? My preference would be bb.user.identity.